
CVE-2025-14799: CWE-843 Access of Resource Using Incompatible Type ('Type Confusion') in neeraj_slit Brevo – Email, SMS, Web Push, Chat, and more.

Severity: Medium
Tags: Vulnerability, CVE-2025-14799, CWE-843
Published: Wed Feb 18 2026 (02/18/2026, 11:26:03 UTC)
Source: CVE Database V5
Vendor/Project: neeraj_slit
Product: Brevo – Email, SMS, Web Push, Chat, and more.

Description

The Brevo - Email, SMS, Web Push, Chat, and more. plugin for WordPress is vulnerable to authorization bypass due to type juggling in all versions up to, and including, 3.3.0. This is due to the use of loose comparison (==) instead of strict comparison (===) when validating the installation ID in the `/wp-json/mailin/v1/mailin_disconnect` REST API endpoint. This makes it possible for unauthenticated attackers to disconnect the Brevo integration, delete the API key, remove all subscription forms, and reset plugin settings by sending a boolean `true` value for the `id` parameter, which bypasses the authorization check through PHP type juggling.

AI-Powered Analysis

Last updated: 02/18/2026, 11:44:50 UTC

Technical Analysis

CVE-2025-14799 is a vulnerability classified under CWE-843 (Access of Resource Using Incompatible Type, or Type Confusion) found in the Brevo – Email, SMS, Web Push, Chat, and more. WordPress plugin developed by neeraj_slit. The flaw is due to the use of PHP loose comparison (==) instead of strict comparison (===) when validating the installation ID parameter in the REST API endpoint /wp-json/mailin/v1/mailin_disconnect. Because PHP's loose comparison allows different data types to be considered equal (e.g., boolean true == string 'somevalue'), an attacker can bypass authorization checks by sending a boolean true value for the 'id' parameter. This bypass enables unauthenticated attackers to forcibly disconnect the Brevo integration, delete the API key, remove all subscription forms, and reset plugin settings. The vulnerability affects all plugin versions up to and including 3.3.0. The CVSS 3.1 base score is 6.5 (medium), reflecting network attack vector, no privileges required, no user interaction, and impact on integrity and availability but not confidentiality. No known exploits have been reported yet. The vulnerability could lead to denial of service of Brevo-related communication features and loss of configuration, which may disrupt marketing and customer engagement workflows. The root cause is improper type handling in authorization logic, a common PHP security pitfall.
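The comparison defect described above, as an added example that is not the plugin's own code: a loose `==` check against the stored installation ID beside a strict, type-checked replacement. The function names, the option value and the request values are constructed for illustration; in a WordPress plugin this kind of check belongs in the route's `permission_callback`.

```php
<?php
// Added example (not Brevo plugin code): loose vs. strict comparison of an
// installation ID, the pattern behind CVE-2025-14799. All names are hypothetical.

// Constructed stand-in for the installation ID the plugin keeps in its options.
const DEMO_STORED_INSTALLATION_ID = 'inst_4f9c2a7e';

// Vulnerable pattern: loose comparison. When PHP compares bool == string it
// casts the string to bool, and every non-empty string casts to true, so a
// JSON `true` in the request body compares equal to the real ID.
function installation_id_matches_loose(string $stored, $supplied): bool
{
    return $stored == $supplied;   // CWE-843: type juggling in an auth check
}

// Hardened pattern: refuse any non-string before comparing, then use a
// constant-time strict comparison. hash_equals() itself requires two strings.
function installation_id_matches_strict(string $stored, $supplied): bool
{
    if (!is_string($supplied)) {
        return false;
    }
    return hash_equals($stored, $supplied);
}

// Values as they arrive after json_decode() of a request body (constructed).
$cases = [
    'correct id' => 'inst_4f9c2a7e',
    'wrong id'   => 'inst_00000000',
    'JSON true'  => true,     // the bypass value named in the advisory
    'JSON null'  => null,
];

// Side-by-side: only the strict check rejects the non-string value.
foreach ($cases as $label => $value) {
    printf(
        "%-10s loose=%-5s strict=%s\n",
        $label,
        var_export(installation_id_matches_loose(DEMO_STORED_INSTALLATION_ID, $value), true),
        var_export(installation_id_matches_strict(DEMO_STORED_INSTALLATION_ID, $value), true)
    );
}
```

Run with `php example.php`; the `JSON true` row is the one where the two checks disagree, which is exactly the authorization bypass the advisory describes.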

Potential Impact

For European organizations using the Brevo WordPress plugin, this vulnerability could result in unauthorized disruption of critical communication channels such as email, SMS, web push notifications, and chat services. The ability for unauthenticated attackers to reset plugin settings and delete API keys could lead to service outages, loss of subscriber data, and interruption of marketing campaigns. This may cause reputational damage, reduced customer engagement, and potential regulatory compliance issues, especially under GDPR if subscriber data is affected or lost. Organizations relying heavily on Brevo for customer communications or transactional messaging could experience operational impacts. Additionally, attackers could leverage the disruption to conduct further attacks or social engineering by exploiting the downtime or altered communication flows. The vulnerability’s network accessibility and lack of authentication requirement increase the risk of widespread exploitation if not mitigated promptly.

Mitigation Recommendations

1. Upgrade the Brevo plugin to a version where this vulnerability is patched once available. Monitor the vendor's official channels for updates.
2. As an immediate workaround, restrict access to the /wp-json/mailin/v1/mailin_disconnect REST API endpoint using web application firewall (WAF) rules or server-level access controls to allow only trusted IP addresses or authenticated users.
3. Implement strict input validation and type checking in any custom code interacting with the plugin or its API endpoints.
4. Regularly back up plugin settings and subscriber data to enable quick restoration in case of unauthorized resets.
5. Monitor WordPress logs and API access logs for unusual requests to the vulnerable endpoint, especially those containing boolean or unexpected parameter values.
6. Employ security plugins that can detect and block suspicious REST API calls.
7. Educate site administrators about the risks of using plugins with known vulnerabilities and encourage timely patching and security hygiene.
8. Consider isolating critical communication plugins in a staging environment before deployment to production to detect such issues early.


Technical Details

Data Version: 5.2
Assigner Short Name: Wordfence
Date Reserved: 2025-12-16T19:50:41.434Z
CVSS Version: 3.1
State: PUBLISHED

Threat ID: 6995a2d880d747be206547e8

Added to database: 2/18/2026, 11:30:32 AM

Last enriched: 2/18/2026, 11:44:50 AM

Last updated: 2/21/2026, 2:16:50 AM